Описание
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qpdf | fixed | 7.0~b1-1 | experimental | package |
| qpdf | fixed | 7.0.0-1 | package | |
| qpdf | no-dsa | stretch | package | |
| qpdf | no-dsa | jessie | package | |
| qpdf | no-dsa | wheezy | package |
Примечания
https://www.openwall.com/lists/oss-security/2017/05/23/10
https://github.com/qpdf/qpdf/issues/99
Связанные уязвимости
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
Уязвимость компонента libqpdf.a утилиты командной строки для преобразования PDF документов QPDF, позволяющая нарушителю вызвать отказ в обслуживании